Registering Devices Automatically on the IGEL UMS
In the following article, you will learn how to configure the automatic registration of endpoint devices on the IGEL Universal Management Suite (UMS). To learn more about automating the rollout with Zero Touch Deployment, see How to Automate the Rollout Process in the IGEL UMS.
For a general overview of device registration methods, see Registering IGEL OS Devices on the UMS Server.
You can configure the UMS Server so that all IGEL OS devices on the server's network are automatically registered at startup. To do this, the devices must be given the address of the UMS Server via DHCP or DNS.
IGEL recommends automatic registration when registering new IGEL OS 11 devices for the first time during the rollout. You can use automatic registration also for IGEL OS 12 devices that are inside the company network; for IGEL OS 12 devices outside the company network, it is preferable to use IGEL Onboarding Service, see How to Start with IGEL > Onboarding IGEL OS 12 Devices
Disable automatic registration as soon as all devices have been registered, so that no unknown devices can obtain sensitive settings.
To configure UMS Servers and devices for automatic registration, proceed as follows:
In the UMS Console, go to UMS Administration > Global Configuration > Device Network Settings and select the Enable automatic registration (without MAC address import) checkbox.
If this option is enabled, each device without a UMS certificate (is distributed to the clients during registration) in the network will be added to the UMS database. If you reset a device to the factory settings and reboot it, it will immediately be registered on the server again.
Configuration of the network environment for an automatic UMS registration:
Via DNS:
Create a DNS entryigelrmserver
(entry type A) on your DNS server which points to the UMS Server.Via DHCP:
Change the DHCP server configuration depending on the IGEL OS version of your endpoints as follows:IGEL OS 11.03.500 or lower: Set
igelrmserver
as DHCP option 224. Set the DHCP option 224 as a string - not as a DWORD - to the IP address of the server. For the default Linux DHCP server, add the following in thedhcpd.conf
file in the appropriate section, e.g. in the global section:option igelrmserver code 224 = text
option igelrmserver ""
IGEL OS 11.04.100 or higher: Alternatively you can use DHCP option 43 (vendor-specific options) to send DHCP option 224 (name:
igelrmserver
) to the correct endpoints. An end device with IGEL OS 11.04.100 or higher sends the option 60 (vendor class identifier) withigel-dhcp-1
as value.
An IGEL-specific DHCP option that is sent in DHCP option 43 overrides a corresponding DHCP option that is sent in the global namespace. The DHCP options 1, 224, and 226 can be embedded in option 43.
You can prevent a DHCP option 224 that has been sent in the global namespace from being interpreted. To achieve this, you must add option 1 (called "exclusive", type Byte, value 1) to DHCP option 43.